/[LeafOK_CVS]/lbbs/src/login.c
ViewVC logotype

Diff of /lbbs/src/login.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.49 by sysadm, Wed Jul 2 04:17:33 2025 UTC Revision 1.59 by sysadm, Thu Oct 16 10:10:48 2025 UTC
# Line 18  Line 18 
18  #include "common.h"  #include "common.h"
19  #include "database.h"  #include "database.h"
20  #include "io.h"  #include "io.h"
21    #include "ip_mask.h"
22  #include "log.h"  #include "log.h"
23  #include "login.h"  #include "login.h"
24  #include "screen.h"  #include "screen.h"
# Line 29  Line 30 
30  #include <regex.h>  #include <regex.h>
31  #include <unistd.h>  #include <unistd.h>
32  #include <mysql/mysql.h>  #include <mysql/mysql.h>
33    #include <sys/param.h>
34    
35  int bbs_login(void)  int bbs_login(void)
36  {  {
# Line 59  int bbs_login(void) Line 61  int bbs_login(void)
61                  {                  {
62                          display_file(DATA_REGISTER, 1);                          display_file(DATA_REGISTER, 1);
63    
64                          return 0;                          return -1;
65                  }                  }
66    
67                  if (username[0] != '\0')                  if (username[0] != '\0')
# Line 179  int check_user(const char *username, con Line 181  int check_user(const char *username, con
181          }          }
182          if ((row = mysql_fetch_row(rs)))          if ((row = mysql_fetch_row(rs)))
183          {          {
184                  if (atoi(row[0]) > BBS_allowed_login_failures_within_interval)                  if (atoi(row[0]) >= BBS_allowed_login_failures_within_interval)
185                  {                  {
186                          prints("\033[1;31m来源存在多次失败登陆尝试,请稍后再试\033[m\r\n");                          prints("\033[1;31m来源存在多次失败登陆尝试,请稍后再试,或使用Web方式访问\033[m\r\n");
187                          ret = 1;                          ret = 1;
188                          goto cleanup;                          goto cleanup;
189                  }                  }
# Line 189  int check_user(const char *username, con Line 191  int check_user(const char *username, con
191          mysql_free_result(rs);          mysql_free_result(rs);
192          rs = NULL;          rs = NULL;
193    
194          // Failed login attempts against the current username during certain time period          // Failed login attempts against the current username since last successful login
195          snprintf(sql, sizeof(sql),          snprintf(sql, sizeof(sql),
196                           "SELECT COUNT(*) AS err_count FROM user_err_login_log "                           "SELECT COUNT(*) AS err_count FROM user_err_login_log "
197                           "WHERE username = '%s' AND login_dt >= SUBDATE(NOW(), INTERVAL 1 DAY)",                           "LEFT JOIN user_list ON user_err_login_log.username = user_list.username "
198                             "LEFT JOIN user_pubinfo ON user_list.UID = user_pubinfo.UID "
199                             "WHERE user_err_login_log.username = '%s' "
200                             "AND (user_err_login_log.login_dt >= user_pubinfo.last_login_dt "
201                             "OR user_pubinfo.last_login_dt IS NULL)",
202                           username);                           username);
203          if (mysql_query(db, sql) != 0)          if (mysql_query(db, sql) != 0)
204          {          {
# Line 208  int check_user(const char *username, con Line 214  int check_user(const char *username, con
214          }          }
215          if ((row = mysql_fetch_row(rs)))          if ((row = mysql_fetch_row(rs)))
216          {          {
217                  if (atoi(row[0]) >= 5)                  if (atoi(row[0]) >= BBS_allowed_login_failures_per_account)
218                  {                  {
219                          prints("\033[1;31m账户存在多次失败登陆尝试,请使用Web方式登录\033[m\r\n");                          prints("\033[1;31m账户存在多次失败登陆尝试,请使用Web方式登录解锁\033[m\r\n");
220                          ret = 1;                          ret = 1;
221                          goto cleanup;                          goto cleanup;
222                  }                  }
# Line 516  int user_online_del(MYSQL *db) Line 522  int user_online_del(MYSQL *db)
522          return 0;          return 0;
523  }  }
524    
525    int user_online_exp(MYSQL *db)
526    {
527            char sql[SQL_BUFFER_LEN];
528    
529            // +1 exp for every 5 minutes online since last logout
530            // but at most 24 hours worth of exp can be gained in Telnet session
531            snprintf(sql, sizeof(sql),
532                            "UPDATE user_pubinfo SET exp = exp + FLOOR(LEAST(TIMESTAMPDIFF("
533                            "SECOND, GREATEST(last_login_dt, IF(last_logout_dt IS NULL, last_login_dt, last_logout_dt)), NOW()"
534                            ") / 60 / 5, 12 * 24)), last_logout_dt = NOW() "
535                            "WHERE UID = %d",
536                            BBS_priv.uid);
537            if (mysql_query(db, sql) != 0)
538            {
539                    log_error("Update user_pubinfo error: %s\n", mysql_error(db));
540                    return -1;
541            }
542    
543            return 0;
544    }
545    
546  int user_online_update(const char *action)  int user_online_update(const char *action)
547  {  {
548          MYSQL *db = NULL;          MYSQL *db = NULL;
549          char sql[SQL_BUFFER_LEN];          char sql[SQL_BUFFER_LEN];
550    
551          if (strcmp(BBS_current_action, action) == 0) // No change          if ((action == NULL || strcmp(BBS_current_action, action) == 0) &&
552                    time(NULL) - BBS_current_action_tm < BBS_current_action_refresh_interval) // No change
553          {          {
554                  return 0;                  return 0;
555          }          }
556    
557          strncpy(BBS_current_action, action, sizeof(BBS_current_action) - 1);          if (action != NULL)
558          BBS_current_action[sizeof(BBS_current_action) - 1] = '\0';          {
559                    strncpy(BBS_current_action, action, sizeof(BBS_current_action) - 1);
560                    BBS_current_action[sizeof(BBS_current_action) - 1] = '\0';
561            }
562    
563            BBS_current_action_tm = time(NULL);
564    
565          db = db_open();          db = db_open();
566          if (db == NULL)          if (db == NULL)

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
webmaster@leafok.com
 ViewVC Help
Powered by ViewVC 1.3.0-beta1